In recent years more and more providers offer the ability to create computing environments in the cloud. For example, Amazon Web Services™ (also known as AWS) launched in 2006 a service that provides users with the ability to configure an entire environment tailored to an application executed over a cloud platform. In general, such services allow for developing scalable applications in which computing resources are utilized to support efficient execution of the application.
Organizations and businesses that develop, provide, or otherwise maintain cloud-based applications have become accustomed to rely on these services and implement various types of environments from complex websites to applications and services provided as a software-as-service (SaaS) delivery model. Such services and applications are collectively referred to as “cloud applications.”
Cloud applications are typically accessed by users using a client device via a web browser. Cloud applications include, among others, e-commerce applications, social media applications, enterprise applications, gaming applications, media sharing applications, storage applications, software development applications, and so on. Many individual users, businesses, and enterprises turn to cloud applications in lieu of “traditional” software applications that are locally installed and managed. For example, an enterprise can use Office® 365 online services for email accounts, rather than having an Exchange® Server maintained by the enterprise.
Enterprises are increasingly adopting cloud-based SaaS offerings. These services are subject to varied network security risks. Known systems for securing these networks operate by inspecting traffic between servers operating the SaaS and the endpoint operated by a user. These known network security systems typically require complex configuration of the endpoint which increases system complexity.
Furthermore, in many cases, the endpoint may not be under the complete control of the enterprise, may be entirely unmanaged, or otherwise unconfigurable. In addition to the difficulties inherent in configuring and administering a user-controlled endpoint, it is difficult to ensure traffic captivation for an entire session when network addresses are generated dynamically.
In addition, modern web/cloud applications, such as the Google® Apps platform, utilize a large amount of client-side code (JavaScript). This can make a suffix proxy implementation much more challenging, as basic proxy functions are insufficient and further intervention in the client-side code is required.
It would therefore be advantageous to provide a solution that would overcome the deficiencies of the prior art techniques for capture and reconstruction of HTTP traffic.